Allow unknown CBOR fields (ref #66)

libwebauthn/Cargo.toml

@@ -29,7 +29,7 @@ futures = "0.3.5"
 tokio = { version = "1.45", features = ["full"] }
 serde = "1.0.110"
 serde_cbor = "0.11.2"
-serde-indexed = "0.1.1"
+serde-indexed = "0.2.0"
 serde_derive = "1.0.123"
 serde_repr = "0.1.6"
 serde_bytes = "0.11.5"

libwebauthn/src/fido.rs

@@ -12,6 +12,7 @@ use std::{
 };
 use tracing::{error, warn};
 
+use crate::proto::ctap2::cbor;
 use crate::{
     proto::{
         ctap2::{Ctap2PublicKeyCredentialDescriptor, Ctap2PublicKeyCredentialType},
@@ -95,7 +96,10 @@ where
         // signCount               | 4
         // attestedCredentialData  | variable
         // extensions              | variable
-        let mut res = self.rp_id_hash.to_vec();
+        let mut res = cbor::to_vec(&self.rp_id_hash).map_err(|e| {
+            error!("Failed to create AuthenticatorData output vec at rp_id_hash: {e:?}");
+            Error::Platform(e.into())
+        })?;
         res.push(self.flags.bits());
         res.write_u32::<BigEndian>(self.signature_count)
             .map_err(|e| {
@@ -120,10 +124,11 @@ where
             })?;
             res.extend(&att_data.credential_id);
             let cose_encoded_public_key =
-                serde_cbor::to_vec(&att_data.credential_public_key)
+                cbor::to_vec(&att_data.credential_public_key)
             .map_err(|e| {
                 error!(
-                    "Failed to create AuthenticatorData output vec at attested_credential.credential_public_key: {e:?}"
+                    %e,
+                    "Failed to create AuthenticatorData output vec at attested_credential.credential_public_key"  
                 );
                 Error::Platform(PlatformError::InvalidDeviceResponse)
             })?;
@@ -132,8 +137,8 @@ where
 
         if self.extensions.is_some() || self.flags.contains(AuthenticatorDataFlags::EXTENSION_DATA)
         {
-            res.extend(serde_cbor::to_vec(&self.extensions).map_err(|e| {
-                error!("Failed to create AuthenticatorData output vec at extensions: {e:?}");
+            res.extend(cbor::to_vec(&self.extensions).map_err(|e| {
+                error!(%e, "Failed to create AuthenticatorData output vec at extensions");
                 Error::Platform(PlatformError::InvalidDeviceResponse)
             })?);
         }
@@ -215,9 +220,8 @@ impl<'de, T: DeserializeOwned> Deserialize<'de> for AuthenticatorData<T> {
                     let mut credential_id = vec![0u8; credential_id_len];
                     cursor.read_exact(&mut credential_id).unwrap(); // We checked the length
 
-                    let mut deserializer = serde_cbor::Deserializer::from_reader(&mut cursor);
                     let credential_public_key: PublicKey =
-                        Deserialize::deserialize(&mut deserializer).map_err(DesError::custom)?;
+                        cbor::from_reader(&mut cursor).map_err(DesError::custom)?;
 
                     attested_credential = Some(AttestedCredentialData {
                         aaguid,
@@ -228,7 +232,7 @@ impl<'de, T: DeserializeOwned> Deserialize<'de> for AuthenticatorData<T> {
 
                 let extensions: Option<T> =
                     if flags.contains(AuthenticatorDataFlags::EXTENSION_DATA) {
-                        serde_cbor::from_reader(&mut cursor).map_err(DesError::custom)?
+                        cbor::from_reader(&mut cursor).map_err(DesError::custom)?
                     } else {
                         Default::default()
                     };

libwebauthn/src/management/authenticator_config.rs

@@ -1,3 +1,4 @@
+use crate::proto::ctap2::cbor;
 use crate::proto::ctap2::Ctap2ClientPinRequest;
 pub use crate::transport::error::{CtapError, Error};
 use crate::transport::Channel;
@@ -14,7 +15,6 @@ use crate::{
 };
 use async_trait::async_trait;
 use serde_bytes::ByteBuf;
-use serde_cbor::ser::to_vec;
 use std::time::Duration;
 use tracing::info;
 
@@ -173,7 +173,7 @@ impl Ctap2UserVerifiableRequest for Ctap2AuthenticatorConfigRequest {
         data.push(0x0D);
         data.push(self.subcommand as u8);
         if self.subcommand == Ctap2AuthenticatorConfigCommand::SetMinPINLength {
-            data.extend(to_vec(&self.subcommand_params).unwrap());
+            data.extend(cbor::to_vec(&self.subcommand_params).unwrap());
         }
         let uv_auth_param = uv_proto.authenticate(uv_auth_token, &data);
         self.protocol = Some(uv_proto.version());